Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LYCq4MpNW73i7EoOiJ5-SVe7hLI.roa
File: LYCq4MpNW73i7EoOiJ5-SVe7hLI.roa (raw, json)
Hash identifier: 9i+BND3dXzr0Qc1gqWi9cPOuRw9IVh1AfkxgeG/Vz08=
Subject key identifier: 2D:80:AA:E0:CA:4D:5B:BD:E2:EC:4A:0E:88:9E:7E:49:57:BB:84:B2
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 2AF9
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LYCq4MpNW73i7EoOiJ5-SVe7hLI.roa
Signing time: Fri 01 Sep 2023 10:08:31 +0000
ROA not before: Fri 01 Sep 2023 10:08:31 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38841
IP address blocks: 123.195.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11001 (0x2af9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Sep 1 10:08:31 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2D80AAE0CA4D5BBDE2EC4A0E889E7E4957BB84B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:10:2e:69:04:a7:26:5f:34:5e:13:30:8c:6d:
f7:03:d9:d3:55:f2:4a:37:62:b1:4e:4b:d4:79:a6:
eb:ad:a1:97:4b:83:c3:81:69:5f:84:50:c3:f8:22:
0e:c1:82:a9:62:d3:d6:c3:aa:69:01:0f:8e:8c:ad:
31:66:26:6c:6d:64:ce:13:a8:61:8d:f7:31:f5:53:
ea:18:0c:0f:b4:62:2f:f2:55:df:41:86:76:a7:4a:
c8:1c:4e:58:c9:64:af:92:e5:b0:09:52:b5:e7:d2:
e0:a0:f7:c0:32:cc:bb:d1:99:f0:b4:3d:a9:40:5f:
f3:8c:86:e5:39:86:ea:51:a0:d0:88:18:52:2a:d1:
44:0c:3c:85:cb:3b:e9:d2:68:19:b2:7f:55:34:f6:
88:fb:7c:1a:80:af:60:68:fd:cc:e0:c7:ea:35:51:
38:be:84:c5:99:de:89:76:14:0e:c9:bc:1f:5a:9a:
b1:08:0e:ab:5e:04:26:58:05:09:22:fe:33:98:fa:
c2:da:a7:07:32:66:27:e7:35:1f:da:8d:18:39:31:
d5:1d:2b:26:a6:3e:22:8a:25:3d:b6:5e:15:80:65:
4f:52:41:b1:59:58:28:37:81:6b:39:c6:3f:4d:3b:
56:29:92:a4:9a:55:dd:91:00:13:8f:de:06:d3:5c:
2a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:80:AA:E0:CA:4D:5B:BD:E2:EC:4A:0E:88:9E:7E:49:57:BB:84:B2
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/LYCq4MpNW73i7EoOiJ5-SVe7hLI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.195.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:b1:bf:67:93:70:4e:f4:6a:0e:94:d6:51:9c:17:3d:b7:36:
d0:31:28:15:c1:4f:1a:ba:f9:3a:fd:40:5e:2e:fe:db:52:00:
a4:d6:67:e5:3e:af:f7:88:27:cd:6c:4a:cf:fb:e9:f3:22:3d:
58:01:a9:b3:b6:17:a7:c4:ff:d7:a5:30:65:2e:9a:ff:a2:0d:
82:fd:77:2b:e2:b5:71:f6:56:52:16:cc:bd:0a:d5:e8:82:14:
0b:35:cf:b6:12:fb:2d:2e:8f:84:88:bc:1d:f9:82:d6:b9:e7:
a5:29:a3:6a:7e:e6:ee:4e:78:7f:1b:72:59:0c:49:03:f3:7a:
d1:42:d8:50:a8:06:d6:8f:6d:55:3b:c0:3a:58:1d:44:9a:bb:
d3:90:e4:32:62:1b:56:62:8a:1d:af:79:0c:71:7a:19:e1:3a:
ca:f7:38:84:74:b7:41:db:10:10:72:4d:da:04:98:46:00:5e:
5d:85:5b:10:ae:b4:c4:bc:30:1e:44:63:54:14:09:31:77:17:
77:0f:6a:eb:e6:91:16:f6:b2:11:b2:58:a2:fd:e9:6b:5a:4e:
1a:db:ec:de:73:2b:0e:76:c3:5d:73:07:e5:65:15:57:71:a3:
68:d2:45:27:d3:55:71:f1:99:53:ac:20:99:f4:34:9e:60:cb:
a4:b1:61:89
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKvkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA4MzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJEODBBQUUwQ0E0RDVC
QkRFMkVDNEEwRTg4OUU3RTQ5NTdCQjg0QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDEC5pBKcmXzReEzCMbfcD2dNV8ko3YrFOS9R5puutoZdLg8OB
aV+EUMP4Ig7Bgqli09bDqmkBD46MrTFmJmxtZM4TqGGN9zH1U+oYDA+0Yi/yVd9B
hnanSsgcTljJZK+S5bAJUrXn0uCg98AyzLvRmfC0PalAX/OMhuU5hupRoNCIGFIq
0UQMPIXLO+nSaBmyf1U09oj7fBqAr2Bo/czgx+o1UTi+hMWZ3ol2FA7JvB9amrEI
DqteBCZYBQki/jOY+sLapwcyZifnNR/ajRg5MdUdKyamPiKKJT22XhWAZU9SQbFZ
WCg3gWs5xj9NO1YpkqSaVd2RABOP3gbTXCpJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULYCq4MpNW73i7EoOiJ5+SVe7hLIwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0xZQ3E0TXBOVzczaTdFb09p
SjUtU1ZlN2hMSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7
w6wwDQYJKoZIhvcNAQELBQADggEBAKWxv2eTcE70ag6U1lGcFz23NtAxKBXBTxq6
+Tr9QF4u/ttSAKTWZ+U+r/eIJ81sSs/76fMiPVgBqbO2F6fE/9elMGUumv+iDYL9
dyvitXH2VlIWzL0K1eiCFAs1z7YS+y0uj4SIvB35gta556Upo2p+5u5OeH8bclkM
SQPzetFC2FCoBtaPbVU7wDpYHUSau9OQ5DJiG1Ziih2veQxxehnhOsr3OIR0t0Hb
EBByTdoEmEYAXl2FWxCutMS8MB5EY1QUCTF3F3cPauvmkRb2shGyWKL96WtaThrb
7N5zKw52w11zB+VlFVdxo2jSRSfTVXHxmVOsIJn0NJ5gy6SxYYk=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:18 2024 by rpki-client on console-ams.rpki-client.org